package com.medata.conf;

import com.medata.conf_bean.RedisConfBean;
import com.medata.realm.AdminRealm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author ：zb
 * @date ：Created in 2019/3/22 0022 14:20
 * @description：
 */

@Configuration
@EnableConfigurationProperties(RedisConfBean.class)
public class ShiroConf {

    @Autowired
    RedisConfBean redisConfBean;

    @Bean
    public ShiroFilterFactoryBean shiroFilter(){
        ShiroFilterFactoryBean shiroFilterFactoryBean=new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager());
        shiroFilterFactoryBean.setLoginUrl("/notLogin");
        shiroFilterFactoryBean.setUnauthorizedUrl("/notRole");

        // 设置拦截器
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        //用户，需要角色权限 “editor”
        filterChainDefinitionMap.put("/editor/**", "roles[editor]");
        //管理员，需要角色权限 “admin”
        filterChainDefinitionMap.put("/admin/**", "roles[admin]");
        //开放登陆接口
        filterChainDefinitionMap.put("/port/*","anon");
        filterChainDefinitionMap.put("/notLogin", "anon");
        filterChainDefinitionMap.put("/login", "anon");
        filterChainDefinitionMap.put("/error","anon");
        //开放pdfjs接口
        filterChainDefinitionMap.put("/pdfjs/**","anon");
        //swagger接口权限 开放
        filterChainDefinitionMap.put("/doc.html***","anon");
        filterChainDefinitionMap.put("/swagger-ui.html", "anon");
        filterChainDefinitionMap.put("/webjars/**", "anon");
        filterChainDefinitionMap.put("/v2/**", "anon");
        filterChainDefinitionMap.put("/swagger-resources/**", "anon");
        //静态资源
        filterChainDefinitionMap.put("/tempFiles/**","anon");
        filterChainDefinitionMap.put("/css/**","anon");
        filterChainDefinitionMap.put("/images/**","anon");
        filterChainDefinitionMap.put("/assets/**","anon");
        filterChainDefinitionMap.put("/bootstrap/**","anon");
        filterChainDefinitionMap.put("/js/**","anon");
        filterChainDefinitionMap.put("/json/**","anon");
        filterChainDefinitionMap.put("/layuiadmin/**","anon");
        filterChainDefinitionMap.put("/page/**","anon");
        filterChainDefinitionMap.put("/fonts/**","anon");
        //其余接口一律拦截
        //主要这行代码必须放在所有权限设置的最后，不然会导致所有 url 都被拦截
        filterChainDefinitionMap.put("/**", "authc");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        System.out.println("Shiro拦截器工厂类注入成功");
        return shiroFilterFactoryBean;
    }

    @Bean
    public SecurityManager securityManager(){
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        securityManager.setRealm(adminRealm());
        securityManager.setCacheManager(redisCacheManager());
        securityManager.setSessionManager(sessionManager());
        //开启remember功能
      //  securityManager.setRememberMeManager(rememberMeManager());
        return securityManager;
    }


    @Bean
    public AdminRealm adminRealm(){
        return new AdminRealm();
    }


    @Bean
    public RedisManager redisManager(){
        RedisManager redisManager=new RedisManager();
        redisManager.setHost(redisConfBean.getHost());
        redisManager.setPort(redisConfBean.getPort());
        redisManager.setExpire(redisConfBean.getExpire());
        redisManager.setTimeout(redisConfBean.getTimeout());
        return redisManager;
    }

    @Bean
    public RedisCacheManager redisCacheManager(){
        RedisCacheManager redisCacheManager=new RedisCacheManager();
        redisCacheManager.setRedisManager(redisManager());
        return redisCacheManager;
    }

    @Bean
    public RedisSessionDAO redisSessionDAO(){
        RedisSessionDAO redisSessionDAO=new RedisSessionDAO();
        redisSessionDAO.setRedisManager(redisManager());
        return redisSessionDAO;
    }

    @Bean
    public DefaultWebSessionManager sessionManager(){
        DefaultWebSessionManager sessionManager=new DefaultWebSessionManager();
        sessionManager.setSessionDAO(redisSessionDAO());
        sessionManager.setSessionIdCookie(getSimple());
        return sessionManager;
    }

    @Bean
    public SimpleCookie getSimple(){
        SimpleCookie simpleCookie=new SimpleCookie();
        //自定义sessionid避免和容易冲突(容易和shiro默认jsessionid)
        simpleCookie.setName("shiro.session.id");
        return simpleCookie;
    }
    
    
    
    //remember的cookie设置
//    @Bean
//    public SimpleCookie rememberMeCookie(){
//    	System.out.println("初始化记住我cookie");
//    	SimpleCookie simpleCookie=new SimpleCookie("rememberMe");
//    	simpleCookie.setMaxAge(300);
//    	return simpleCookie;
//    }
//    
//    @Bean 
//    public CookieRememberMeManager rememberMeManager(){
//    	CookieRememberMeManager cookieRememberMeManager=new CookieRememberMeManager();
//    	cookieRememberMeManager.setCookie(rememberMeCookie());
//        //rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位)  
//    	cookieRememberMeManager.setCipherKey(Base64.decode("2AvVhdsgUs0FSA3SDFAdag=="));
//    	return cookieRememberMeManager;
//    }
    

}
